auto decrypt the request ciphertext and auto bypass the signature of the API. 针对数据包加密、签名保护的安全测试场景,借助burp插件自动解密数据包密文,自动绕过接口的签名保护,最后借助密文数据天然过waf的优势结合Xray等漏扫工具完成半自动的安全测试
☆53Mar 27, 2024Updated last year
Alternatives and similar repositories for AutoBypassEncryptAndSign
Users that are interested in AutoBypassEncryptAndSign are comparing it to the libraries listed below
Sorting:
- 使用 Java 实现的将 Burp 流量异步转发到 Xray 的 Burp 插件,内含多种功能☆16Jun 11, 2023Updated 2 years ago
- ☆21Jun 29, 2022Updated 3 years ago
- A burp Extender to detect json, include fastjson,jackson,gson☆45Sep 22, 2022Updated 3 years ago
- ☆44Jan 25, 2022Updated 4 years ago
- Easy burp sign extension!☆56Jan 27, 2025Updated last year
- 语雀敏感信息泄露搜索工具☆13Jan 20, 2023Updated 3 years ago
- 基于burpsuite的资产分析工具☆475Apr 29, 2023Updated 2 years ago
- 一款扫描js中敏感api的burp插件☆38Aug 30, 2023Updated 2 years ago
- BurpHttpHelper是一款Burpsuite插件,主要用于简化和解决Burpsuite对Http的一些操作.☆109Jan 22, 2023Updated 3 years ago
- An automated penetration testing information collection tool / 一款自动化渗透测试信息搜集类工具☆19Aug 16, 2023Updated 2 years ago
- Burp被动扫描流量转发插件☆84Jul 18, 2024Updated last year
- BurpSuite Rpc 算法转发插件☆17Jan 4, 2023Updated 3 years ago
- ARL使用代理池联动nuclei,xray通过企业微信机器人告警☆10Oct 28, 2022Updated 3 years ago
- Webpack自动化信息收集☆314Feb 20, 2023Updated 3 years ago
- 对/wgpsec/ENScan_GO的修改,只保留了爱企查接口,支持对外投资企业和子公司递归☆145Aug 19, 2023Updated 2 years ago
- 一款被动扫描ssrf的burpsuite插件☆20Dec 30, 2022Updated 3 years ago
- ExpFuzz字典☆21May 27, 2024Updated last year
- ddpoc的谷歌浏览器插件☆79Jan 25, 2024Updated 2 years ago
- 东方隐侠团队出品,代码审计skill☆64Feb 25, 2026Updated 3 weeks ago
- Burp插件,根据自定义来达到对数据包的处理(适用于加解密、爆破等),类似mitmproxy,不同点在于经过了burp中转,在自动加解密的基础上,不影响APP、网站加解密正常逻辑等。☆1,341Dec 14, 2025Updated 3 months ago
- Spring Actuator端点的BurpSuite被动扫描插件。☆202Nov 2, 2022Updated 3 years ago
- Whale-ApiUse是burp插件,可以用来测试wx公众号,微信小程序,钉钉,企业微信等的接口,通过输入key和secret进行测试,之所以做这个首先这是一个练手项目,后续也会继续维护更新,如果有好的建议欢迎留言。其次由于现有的工具都要额外下载,用起来繁琐,所以我想着通…☆13Jan 7, 2024Updated 2 years ago
- burp-http请求转发至其他模块的插件☆74Sep 13, 2020Updated 5 years ago
- 对Auth/Waf 自动化bypass的burpsuite插件☆1,104Feb 28, 2026Updated 3 weeks ago
- OneScan 是一款用于递归目录扫描的 BurpSuite 插件☆1,233Jun 24, 2025Updated 8 months ago
- 前端参数加密渗透测试通用解决方案☆575Oct 17, 2022Updated 3 years ago
- 瞎注修改版,新增了参数黑名单、返回包列排序、数据包内容自动匹配替换的功能☆24Mar 19, 2025Updated last year
- 这个项目主要用于辅助测试Swagger的XSS漏洞☆39Jun 11, 2022Updated 3 years ago
- 用于解决判断出网情况的问题,以http、ldap、rmi以及socket形式批量监听端口,在web界面进行结果查看☆127Apr 17, 2023Updated 2 years ago
- PyBurp is a Burp Suite extension that provides predefined Python functions for HTTP/WebSocket traffic modification, context menu registra…☆38Dec 28, 2025Updated 2 months ago
- 一款代理扫描器☆565May 5, 2023Updated 2 years ago
- 整合nuclei与xray(社区版、自带高级版),实现被动扫描+poc扫描自动化渗透流程☆71Apr 8, 2022Updated 3 years ago
- Burpsuite - Route Vulnerable Scanning 递归式被动检测脆弱路径的burp插件☆1,313Jun 29, 2024Updated last year
- 微信sessionkey解密☆182Feb 10, 2023Updated 3 years ago
- 批量处理url链接,获取多级路径并打印☆46Jul 12, 2023Updated 2 years ago
- 渗透测试有关的POC、EXP、脚本、提权、小工具等,欢迎补充、完善---About penetration-testing python-script poc html-poc getshell csrf xss cms php-getshell domainmod-xss…☆13Jan 8, 2020Updated 6 years ago
- ☆11Jul 27, 2023Updated 2 years ago
- Fastjson扫描器,可识别版本、依赖库、autoType状态等。A tool to distinguish fastjson ,version and dependency☆1,050Oct 7, 2022Updated 3 years ago
- 自己积累的一些Java反序列化利用链☆91Feb 27, 2023Updated 3 years ago